In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-02 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/01 Report--
This article mainly introduces the steps of "centos installation and configuration of pptp". In daily operation, I believe many people have doubts about the steps of centos installation and configuration of pptp. The editor consulted all kinds of materials and sorted out simple and easy-to-use methods of operation. I hope it will be helpful to answer the doubts of "centos installation and configuration of pptp". Next, please follow the editor to study!
Description:
Server operating system: CentOS 5.X 64-bit
Server IP address: 192.168.21.128
Purpose: the server installs and configures pptp software to provide virtual private network dialing service
Specific operations:
Download the installation package
1. Ppp # this software package is required to install pptpd
Http://poptop.sourceforge.net/yum/stable/packages/ppp-2.4.4-14.1.rhel5.x86_64.rpm
2. The latest version of pptpd #
Http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.4.0-1.rhel5.x86_64.rpm
Upload to / usr/local/src directory after download
Check whether the server system environment supports the installation of pptp virtual private network
1. Check whether the system kernel supports MPPE patches.
The code is as follows:
Modprobe ppp-compress-18 & & echo success
Display success indicates that the system supports MPPE patches. If not, you need to install kernel-devel first.
The code is as follows:
Yum install kernel-devel
2. Check whether the system enables TUN/TAP support.
Cat / dev/net/tun
If this instruction displays the following text, it indicates that it is approved:
The code is as follows:
Cat: / dev/net/tun: File descriptor in bad state
3. Check whether the system enables ppp support.
The code is as follows:
Cat / dev/ppp
If this instruction displays the following text, it indicates that it is approved:
The code is as follows:
Cat: / dev/ppp: No such device or address
The above three items must be met at the same time, otherwise the pptp virtual private network cannot be installed
Third, install pptp
The code is as follows:
Cd / usr/local/src
Rpm-ivh ppp-2.4.4-14.1.rhel5.x86_64.rpm # install ppp
Rpm-ivh pptpd-1.4.0-1.rhel5.x86_64.rpm # install pptp
4. Configure pptp
1. Edit vi / etc/ppp/options.pptpd #, add and modify the following parameters
The code is as follows:
Name pptpd
Refuse-pap
Refuse-chap
Refuse-mschap
Require-mschap-v2
Require-mppe-128
Proxyarp
Lock
Nobsdcomp
Novj
Novjccomp
Nologfd
Ms-dns 8.8.8.8 # add primary DNS server address
Ms-dns 8.8.4.4 # add standby DNS server address
: wq! # Save, exit
2. Vi / etc/ppp/chap-secrets # set pptp dial-up users and passwords (multiple users can be set, one per line)
The code is as follows:
# client server secret IP addresses
Osyunwei virtual private network user01 pptpd 123456 *
Osyunwei virtual private network user02 pptpd 1234 *
Osyunwei virtual private network user03 pptpd 12345678 *
Format: username pptpd password *
Where * indicates that the client is automatically assigned an IP address
: wq! # Save, exit
3. Vi / etc/pptpd.conf # set the IP address of the pptp server and set the virtual private network to dial into the client ip address pool
The code is as follows:
Option / etc/ppp/options.pptpd
Logwtmp
Localip 172.16.36.1 # set the pptp virtual dial-up server IP address (note: not the IP address of the server itself)
Remoteip 172.16.36.2-254# dynamically assigns IP addresses between 172.16.36.2and 172.16.36.254 for users dialed into the virtual private network
The code is as follows:
: wq! # Save, exit
/ sbin/service pptpd start # launch pptp
/ etc/init.d/pptpd stop # shutdown
Service pptpd restart # restart
Chkconfig pptpd on # set boot up
5. Enable the server system routing mode to support packet forwarding
Edit vi / etc/sysctl.conf
The code is as follows:
Net.ipv4.ip_forward = 1 # set to 1
# net.ipv4.tcp_syncookies = 1 # comment out
The code is as follows:
: wq! # Save, exit
/ sbin/sysctl-p # make the setting take effect immediately
VI. Set firewall forwarding rules
The code is as follows:
Yum install iptables # install a firewall
Service iptables start # start the firewall
Iptables-t nat-A POSTROUTING-s 172.16.36.0 iptables 255.255.255.0-j SNAT-- to-source 192.168.21.128 # add rules
Iptables-A FORWARD-p tcp-- syn-s 172.16.36.0 to 255.255.255.0-j TCPMSS-- set-mss 1356 # add rules
/ etc/init.d/iptables save # Save firewall settings
Open the pptp service port tcp 1723, and set the virtual private network to dial into the client ip address pool 172.16.36.0and255.255.255.0 through the firewall.
Edit vi / etc/sysconfig/iptables and add the following code
The code is as follows:
-A RH-Firewall-1-INPUT-p tcp-m state-- state NEW-m tcp-- dport 1723-j ACCEPT
-A RH-Firewall-1-INPUT-s 172.16.36.0Universe 255.255.255.0-j ACCEPT
: wq! # Save, exit
Note:
The code is as follows:
# 192.168.21.128 is the server IP address
# 172.16.36.0 pptp 255.255.255.0 is the IP address field of the virtual dial-up server set in step 4.
/ etc/init.d/iptables restart # restart the firewall
Chkconfig iptables on # set boot up
Cat / etc/sysconfig/iptables # View Firewall profile
# Generated by iptables-save v1.3.5 on Wed Dec 11 20:21:08 2013
* nat
: PREROUTING ACCEPT [60:4680]
: POSTROUTING ACCEPT [4:258]
: OUTPUT ACCEPT [4:258]
-A POSTROUTING-s 172.16.36.0Universe 255.255.255.0-j SNAT-- to-source 192.168.21.128
COMMIT
# Completed on Wed Dec 11 20:21:08 2013
# Generated by iptables-save v1.3.5 on Wed Dec 11 20:21:08 2013
* filter
: INPUT ACCEPT [0:0]
: FORWARD ACCEPT [0:0]
: OUTPUT ACCEPT [94:16159]
: RH-Firewall-1-INPUT-[0:0]
-An INPUT-j RH-Firewall-1-INPUT
-A FORWARD-j RH-Firewall-1-INPUT
-A FORWARD-s 172.16.36.0 FORWARD 255.255.255.0-p tcp- m tcp--tcp-flags FIN,SYN,RST,ACK SYN-j TCPMSS-- set-mss 1356
-A RH-Firewall-1-INPUT-I lo-j ACCEPT
-A RH-Firewall-1-INPUT-p icmp- m icmp--icmp-type any-j ACCEPT
-A RH-Firewall-1-INPUT-p esp-j ACCEPT
-A RH-Firewall-1-INPUT-p ah-j ACCEPT
-A RH-Firewall-1-INPUT-d 224.0.0.251-p udp-m udp-- dport 5353-j ACCEPT
-A RH-Firewall-1-INPUT-p udp-m udp-- dport 631-j ACCEPT
-A RH-Firewall-1-INPUT-p tcp-m tcp-- dport 631-j ACCEPT
-A RH-Firewall-1-INPUT-m state-- state RELATED,ESTABLISHED-j ACCEPT
-A RH-Firewall-1-INPUT-p tcp-m state-- state NEW-m tcp-- dport 22-j ACCEPT
-A RH-Firewall-1-INPUT-p tcp-m state-- state NEW-m tcp-- dport 1723-j ACCEPT
-A RH-Firewall-1-INPUT-s 172.16.36.0Universe 255.255.255.0-j ACCEPT
-A RH-Firewall-1-INPUT-j REJECT-- reject-with icmp-host-prohibited
COMMIT
# Completed on Wed Dec 11 20:21:08 2013
Set up the ppp device node automatically when booting up (this file may be lost after the system reboot, resulting in pptp client dialing error 619)
Edit vi / etc/rc.d/rc.local and add this line of code at the end of the file
The code is as follows:
Mknod / dev/ppp c 108 0 # add this line at the end of the file
: wq! # Save, exit
At this point, on the "centos installation and configuration of pptp steps" study is over, I hope to be able to solve your doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.